Hackers have been targeting a critical file upload flaw in an addon for the Ninja Forms WordPress plugin that leads to remote ...

"The C2 hosts a web-based graphical user interface (GUI) titled 'NEXUS Listener' that can be used to view stolen information ...

The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have ...

Google has confirmed a critical security vulnerability across Android versions 14, 15 and 16 that requires no user interaction or elevated execution privileges.

A researcher has come across what appears to be an actively exploited Adobe Acrobat and Reader zero-day vulnerability.

Chrome patches 21 flaws including exploited CVE-2026-5281 in Dawn, marking fourth zero-day fixed in 2026, reducing active ...

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell ...

Microsoft says that Storm-1175, a China-based financially motivated cybercriminal group known for deploying Medusa ransomware ...

“There are no workarounds identified that directly mitigate the risk concerning this attack campaign,” is not what you want to read, having just been informed of a zero-day exploit concerning a Common ...

Google patches 21 Chrome vulnerabilities, including an actively exploited zero-day flaw that could enable code execution and ...

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) in response to the active exploitation of ...

Concerns are high over a critical, recently disclosed remote code execution (RCE) vulnerability in Apache Struts 2 that attackers have been actively exploiting over the past few days. Apache Struts is ...